RoleDefinitions
Provides definitions for roles available in Azure AD, detailing their permissions and scope.
Table Specific Information
Select
Most filters are handled server side, but the specific field of Id will change the endpoint we use to retrieve the data. It must be specified with an '=' or IN condition.
For example:
SELECT * FROM RoleDefinitions WHERE Id = '62e90394-69f5-4237-9190-012177145e10'
SELECT * FROM RoleDefinitions WHERE Id IN ('62e90394-69f5-4237-9190-012177145e10', 'fe930be7-5e62-47db-91af-98c3a49a38b1')
SELECT * FROM RoleDefinitions WHERE DisplayName LIKE '%Admin%'
Columns
| Name | Type | Description |
| id [KEY] | String | The unique identifier for the role definition within Azure Active Directory. |
| allowedPrincipalTypes | String | Specifies the types of principals (for example, users, groups, applications) that can be assigned to this role. |
| description | String | A detailed explanation of the role definition's purpose and functionality. |
| displayName | String | The user-friendly name of the role definition, typically used for display in the Azure portal. |
| isBuiltIn | Bool | Indicates whether this role definition is prebuilt and provided by Azure (true) or custom-created (false). |
| isEnabled | Bool | Specifies if the role definition is currently active and available for assignments. |
| isPrivileged | Bool | Highlights whether this role definition includes privileged or high-impact permissions. |
| resourceScopes | String | Defines the set of resources or scopes (for example, subscriptions, resource groups) where the role applies. |
| rolePermissions | String | Lists the permissions and actions that this role grants within the defined resource scopes. |
| templateId | String | The unique identifier used for associating the role definition with a predefined template in Azure. |
| version | String | The version of the role definition, useful for tracking updates or changes. |